﻿using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace Project
{
    public partial class forgetPassword : System.Web.UI.Page
    {
#region Navid_code
        static string connectionString = ConfigurationManager.ConnectionStrings["StudentAdvisorString"].ConnectionString;
        SqlConnection connection = new SqlConnection(connectionString);
        SqlCommand checkForSecurityAnswers = null;
        SqlCommand setTempPassword = null;
        
        SqlDataReader reader = null;

        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void btn_getPassword_Click(object sender, EventArgs e)
        {
            connection.Open();
            string checkSecAnswer = "select answer1,answer2,Email from tblUserLogin where UserId = @userId";
            checkForSecurityAnswers = new SqlCommand(checkSecAnswer, connection);

            SqlParameter para1 = new SqlParameter();
            para1.ParameterName = "@userId";
            para1.Value = txt_userName.Text.Trim();
            checkForSecurityAnswers.Parameters.Add(para1);

            reader = checkForSecurityAnswers.ExecuteReader();
            string ans1 = null;
            string ans2 = null;
            string email = null;
            while (reader.Read())
            {
                ans1 = (string)reader[0].ToString();
                ans2 = (string)reader[1].ToString();
                email = (string)reader[2].ToString();

            }
            reader.Close();

            connection.Close();

            connection.Open();
            String fnlName = "select StudentFirstName,StudentLastName from tblStudentInfo where StudentId= " + txt_userName.Text.Trim();
            SqlCommand getFnLName = new SqlCommand(fnlName, connection);
            reader = getFnLName.ExecuteReader();
            string fnLName = null;
            while (reader.Read()) {
                fnLName = (string)reader[0];
                fnLName = fnLName + " " + (string)reader[1];
            }
            connection.Close();
            
            if (ans1 == txt_answer1.Text.Trim() && ans2 == txt_answer2.Text.Trim())
            {
                MailHelper.SendMailMessage("cencolstudentadvisor@gmail.com", email, null, null, "Password Reset", "Hi," + fnLName + "Your Password has been reset. Use the temprary password '123456' to login to our website 'http://localhost:5995/Default.aspx'");
                lbl_message.Text = "Temporary password has been mailed to your Email Address";
                string setTempPasswordString = "update tblUserLogin set Password = tempPassword where UserId=" + txt_userName.Text.Trim();
                setTempPassword = new SqlCommand(setTempPasswordString, connection);
                connection.Open();
                setTempPassword.ExecuteNonQuery();
                connection.Close();
            }
            else {
                lbl_message.Text = "Doesn't match the answer that you provided";
            }

        }
#endregion  Navid_code
    }

}